What's the difference between a Key and a KeySpec?

Question

In the Java crypto libraries, there are two different representations of a key - Key and KeySpec. The docs imply there's a difference between the two - a KeySpec is 'transparent' (whatever that means), but has no methods, whereas Key has got a getEncoded method. You're meant to use a KeyFactory to convert between the two (and it indeed has got a getKeySpec method to convert).

However, SecretKeySpec implements both Key and KeySpec! But there is a SecretKeyFactory class as well, that doesn't inherit off KeyFactory.

All this has left me thoroughly confused. What's the different between a Key and a KeySpec, and how does SecretKeySpec and SecretKeyFactory come into it?

Answer 1

Transparent here means that all classes/interfaces implementing/extending the KeySpec interface are supposed to reveal metadata about the key, in a provider independent way. This metadata is never used actually in common uses of the key(encryption etc.), but only used if there is need to look into the mathematical attributes of the key. Knowledge of such provider independent data about the key can be useful for example if you want to generate the key from/to a byte stream, hook the key if it resides on an HSM, or even find out if a key is weak like:

DESKeySpec.isWeak(byte[] key, int offset)

Whatever metadata you want to expose about your key is upto you. KeySpec just acts as a marker interface (marker interface design pattern).

As opposed to such possible introspection with the KeySpec, the keys generated using SecretKeyFactory are "opaque", in the sense that you cannot get full mathematical(modulus, exponent, encoding, etc.) and other(if provided like DESKeySpec above) metadata about the key.

SecretKeySpec on the other hand is JCE's out of the box solution for generating keys from byte streams, and hence it implements both Key and KeySpec- to generate the key using KeySpec provided, and make the key available using Key.getEncoded().

Answer 2

Key objects and key specifications (KeySpecs) are two different representations of key data.

Ciphers use Key objects to initialize their encryption algorithms, but keys may need to be converted into a more portable format for transmission or storage.

A transparent representation of keys means that you can access each key material value individually, through one of the get methods defined in the corresponding specification class.

For example, DSAPrivateKeySpec defines getX, getP, getQ, and getG methods, to access the private key x, and the DSA algorithm parameters used to calculate the key(the prime p, the sub-prime q, and the base g). 

If the key is stored on a hardware device, its specification may contain information that helps identify the key on the device.This representation is contrasted with an opaque representation, as defined by the Key interface, in which you have no direct access to the key material fields. In other words, an "opaque" representation gives you limited access to the key-just the three methods defined by the Key interface: getAlgorithm, getFormat, and getEncoded.

A key may be specified in an algorithm-specific way, or in an algorithm-independent encoding format (such as ASN.1).

For example, a DSA private key may be specified by its components x, p, q, and g (eg: DSAPrivateKeySpec), or it may be specified using its DER encoding (eg: PKCS8EncodedKeySpec).

The KeyFactory and SecretKeyFactory classes can be used to convert between opaque and transparent key representations that is, between Keys and KeySpecs.

Reference and more details available at: https://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/CryptoSpec.html#KeySpecs